This repository has been archived by the owner on Nov 1, 2023. It is now read-only.

Add fuzzer_target_options to libfuzzer basic template #1610

Merged
merged 7 commits into from
Jan 27, 2022
39 changes: 36 additions & 3 deletions src/cli/onefuzz/templates/libfuzzer.py
Expand Up @@ -49,6 +49,7 @@ def _create_tasks(
duration: int = 24,
target_workers: Optional[int] = None,
target_options: Optional[List[str]] = None,
fuzzing_target_options: Optional[List[str]] = None,
target_env: Optional[Dict[str, str]] = None,
target_timeout: Optional[int] = None,
tags: Optional[Dict[str, str]] = None,
Expand All @@ -63,6 +64,7 @@ def _create_tasks(
minimized_stack_depth: Optional[int] = None,
coverage_filter: Optional[str] = None,
) -> None:
target_options = target_options or []

regression_containers = [
(ContainerType.setup, containers[ContainerType.setup]),
Expand Down Expand Up @@ -121,6 +123,15 @@ def _create_tasks(
if ensemble_sync_delay is None and vm_count == 1:
ensemble_sync_delay = 0

# Build `target_options` for the `libfuzzer_fuzz` task.
#
# This allows passing arguments like `-runs` to the target only when
# invoked in persistent fuzzing mode, and not test case repro mode.
libfuzzer_fuzz_target_options = target_options.copy()

if fuzzing_target_options:
libfuzzer_fuzz_target_options += fuzzing_target_options

fuzzer_task = self.onefuzz.tasks.create(
job.job_id,
TaskType.libfuzzer_fuzz,
Expand All @@ -130,7 +141,7 @@ def _create_tasks(
reboot_after_setup=reboot_after_setup,
duration=duration,
vm_count=vm_count,
target_options=target_options,
target_options=libfuzzer_fuzz_target_options,
target_env=target_env,
target_workers=target_workers,
tags=tags,
Expand Down Expand Up @@ -236,6 +247,7 @@ def basic(
duration: int = 24,
target_workers: Optional[int] = None,
target_options: Optional[List[str]] = None,
fuzzing_target_options: Optional[List[str]] = None,
target_env: Optional[Dict[str, str]] = None,
target_timeout: Optional[int] = None,
check_retry_count: Optional[int] = None,
Expand Down Expand Up @@ -340,6 +352,7 @@ def basic(
duration=duration,
target_workers=target_workers,
target_options=target_options,
fuzzing_target_options=fuzzing_target_options,
target_env=target_env,
tags=helper.tags,
crash_report_timeout=crash_report_timeout,
Expand Down Expand Up @@ -494,6 +507,7 @@ def dotnet(
duration: int = 24,
target_workers: Optional[int] = None,
target_options: Optional[List[str]] = None,
fuzzing_target_options: Optional[List[str]] = None,
target_env: Optional[Dict[str, str]] = None,
tags: Optional[Dict[str, str]] = None,
wait_for_running: bool = False,
Expand Down Expand Up @@ -567,6 +581,15 @@ def dotnet(
helper.upload_inputs(inputs)
helper.wait_on(wait_for_files, wait_for_running)

# Build `target_options` for the `libfuzzer_fuzz` task.
#
# This allows passing arguments like `-runs` to the target only when
# invoked in persistent fuzzing mode, and not test case repro mode.
libfuzzer_fuzz_target_options = target_options.copy()

if fuzzing_target_options:
libfuzzer_fuzz_target_options += fuzzing_target_options

self.onefuzz.tasks.create(
helper.job.job_id,
TaskType.libfuzzer_fuzz,
Expand All @@ -576,7 +599,7 @@ def dotnet(
reboot_after_setup=reboot_after_setup,
duration=duration,
vm_count=vm_count,
target_options=target_options,
target_options=libfuzzer_fuzz_target_options,
target_env=target_env,
target_workers=target_workers,
tags=tags,
Expand Down Expand Up @@ -606,6 +629,7 @@ def qemu_user(
duration: int = 24,
target_workers: Optional[int] = 1,
target_options: Optional[List[str]] = None,
fuzzing_target_options: Optional[List[str]] = None,
target_env: Optional[Dict[str, str]] = None,
tags: Optional[Dict[str, str]] = None,
wait_for_running: bool = False,
Expand Down Expand Up @@ -729,6 +753,15 @@ def qemu_user(
helper.upload_inputs(inputs)
helper.wait_on(wait_for_files, wait_for_running)

# Build `target_options` for the `libfuzzer_fuzz` task.
#
# This allows passing arguments like `-runs` to the target only when
# invoked in persistent fuzzing mode, and not test case repro mode.
libfuzzer_fuzz_target_options = target_options.copy()

if fuzzing_target_options:
libfuzzer_fuzz_target_options += fuzzing_target_options

self.logger.info("creating libfuzzer_fuzz task")
fuzzer_task = self.onefuzz.tasks.create(
helper.job.job_id,
Expand All @@ -739,7 +772,7 @@ def qemu_user(
reboot_after_setup=reboot_after_setup,
duration=duration,
vm_count=vm_count,
target_options=target_options,
target_options=libfuzzer_fuzz_target_options,
target_env=target_env,
target_workers=target_workers,
tags=tags,
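Review bot: In the `dotnet` and `qemu_user` hunks, `libfuzzer_fuzz_target_options = target_options.copy()` is called on a parameter declared `Optional[List[str]] = None`, and neither hunk shows the `target_options = target_options or []` normalization that `_create_tasks` gains in this change. Both function bodies begin outside the visible hunks, so an earlier assignment may already exist; if it does not, calling either template without `target_options` raises `AttributeError` on `None` before the fuzz task is created. Writing the line as `libfuzzer_fuzz_target_options = list(target_options or [])` is safe in all three places and does not depend on code outside the hunk. The same block is also pasted three times; a small private helper taking `target_options` and `fuzzing_target_options` would keep the rule that fuzz-only flags such as `-runs` never reach the repro path in one place.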